The present invention relates to a storage controller comprising an encryption function, a data encryption method, and a storage system.
In organizations such as corporations, a storage controller configured separately from a host computer system (hereinafter referred to as a “host” ) is used to manage vast quantities of data. This kind of storage controller, for example, has numerous storage apparatuses such as hard disk drives built therein so as to provide a large-capacity storage area to the host.
The storage controller, for instance, stores various types of important confidential information such as personal information including the address and name of individuals, credit information and so on. Accordingly, technology for securely managing such important information and preventing unauthorized access is sought after.
A method of managing a storage controller using encryption technology for protecting important data is disclosed in Japanese Patent Laid-Open Publication No. 2005-322201 (Patent Document 1).
In Patent Document 1, an encryption processing unit is provided between a host interface connected to a host and a transfer control unit within an interface for controlling the communication with the host. Data received from the host is encrypted with the encryption processing unit, and then written in the hard disk drive. Like this, with the technology described in Patent Document 1, the encryption of data is performed within the storage controller, and security of data to be stored in the storage controller can thereby be ensured. In addition, according to Patent Document 1, by encrypting and storing data in a storage controller that stores vast quantities of important data, even when data is divulged to a third party who is not the owner of such data, the encryption of data will be able to prevent the unauthorized use of the divulged data.